[hcs-d] "Massive" DNS Vulnerability - Is it really that bad?
jkroll at hcs.harvard.edu
Tue Jul 8 19:15:07 EDT 2008
Does anyone else think this is a little silly?
We've known that DNS is vulnerable to spoofing for a long
time. Nothing has changed. There aren't even new attacks out there
(well, there are plenty of new DNS attacks, but they aren't this
heavy-handed). Wouldn't it be better to use a firewall that was clever
enough not to let 33,000 DNS packets through in only a few ms?
Maybe I'm just a DNS geek.
More information about the hcs-discuss